authorDr. Stephen Henson <steve@openssl.org>2006-03-28 16:35:32 +0200
committerDr. Stephen Henson <steve@openssl.org>2006-03-28 16:35:32 +0200
commit3e4585c8fd0b23f884d775462736502599146af6 (patch)
tree27b73970dedcc4215d6f7c4def10ee3990674143 /crypto
parentNew general public key utility 'pkey'. (diff)
New utility pkeyparam. Enhance and bugfix algorithm-specific parameter
functions to support it.
Diffstat (limited to '')
-rw-r--r--crypto/dh/dh.h3
-rw-r--r--crypto/dh/dh_ameth.c81
-rw-r--r--crypto/dh/dh_err.c3
-rw-r--r--crypto/dh/dh_prn.c44
-rw-r--r--crypto/dsa/dsa.h1
-rw-r--r--crypto/dsa/dsa_ameth.c20
-rw-r--r--crypto/dsa/dsa_err.c1
-rw-r--r--crypto/ec/ec.h1
-rw-r--r--crypto/ec/ec_ameth.c21
-rw-r--r--crypto/ec/ec_err.c11
-rw-r--r--crypto/pem/pem.h3
-rw-r--r--crypto/pem/pem_lib.c14
-rw-r--r--crypto/pem/pem_pkey.c6
13 files changed, 156 insertions, 53 deletions
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
index 7871882e35..48b6283704 100644
--- a/crypto/dh/dh.h
+++ b/crypto/dh/dh.h
@@ -215,13 +215,14 @@ void ERR_load_DH_strings(void);
#define DH_F_DHPARAMS_PRINT_FP 101
#define DH_F_DH_BUILTIN_GENPARAMS 106
#define DH_F_DH_NEW_METHOD 105
+#define DH_F_DH_PARAM_DECODE 107
#define DH_F_GENERATE_KEY 103
#define DH_F_GENERATE_PARAMETERS 104
/* Reason codes. */
#define DH_R_BAD_GENERATOR 101
-#define DH_R_NO_PRIVATE_VALUE 100
#define DH_R_INVALID_PUBKEY 102
+#define DH_R_NO_PRIVATE_VALUE 100
#ifdef __cplusplus
}
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c
index bcc56a166e..ba3ff562a1 100644
--- a/crypto/dh/dh_ameth.c
+++ b/crypto/dh/dh_ameth.c
@@ -67,6 +67,82 @@ static void int_dh_free(EVP_PKEY *pkey)
DH_free(pkey->pkey.dh);
}
+static int dh_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+ {
+ DH *dh;
+ if (!(dh = d2i_DHparams(NULL, pder, derlen)))
+ {
+ DHerr(DH_F_DH_PARAM_DECODE, ERR_R_DH_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DH(pkey, dh);
+ return 1;
+ }
+
+static int dh_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+ {
+ return i2d_DHparams(pkey->pkey.dh, pder);
+ }
+
+static int do_dhparam_print(BIO *bp, const DH *x, int indent,
+ ASN1_PCTX *ctx)
+ {
+ unsigned char *m=NULL;
+ int reason=ERR_R_BUF_LIB,ret=0;
+ size_t buf_len=0, i;
+
+ if (x->p)
+ buf_len = (size_t)BN_num_bytes(x->p);
+ else
+ {
+ reason = ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+ if (x->g)
+ if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
+ buf_len = i;
+ m=(unsigned char *)OPENSSL_malloc(buf_len+10);
+ if (m == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ BIO_indent(bp, indent, 128);
+ if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
+ BN_num_bits(x->p)) <= 0)
+ goto err;
+ indent += 4;
+ if (!ASN1_bn_print(bp,"prime:",x->p,m,indent)) goto err;
+ if (!ASN1_bn_print(bp,"generator:",x->g,m,indent)) goto err;
+ if (x->length != 0)
+ {
+ BIO_indent(bp, indent, 128);
+ if (BIO_printf(bp,"recommended-private-length: %d bits\n",
+ (int)x->length) <= 0) goto err;
+ }
+ ret=1;
+ if (0)
+ {
+err:
+ DHerr(DH_F_DHPARAMS_PRINT,reason);
+ }
+ if (m != NULL) OPENSSL_free(m);
+ return(ret);
+ }
+
+static int dh_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
+ ASN1_PCTX *ctx)
+ {
+ return do_dhparam_print(bp, pkey->pkey.dh, indent, ctx);
+ }
+
+int DHparams_print(BIO *bp, const DH *x)
+ {
+ return do_dhparam_print(bp, x, 4, NULL);
+ }
+
const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
{
EVP_PKEY_DH,
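Review bot: dh_param_decode ignores the result of `EVP_PKEY_assign_DH(pkey, dh)` and returns 1 unconditionally, so if the assignment fails the freshly decoded DH is leaked and the caller is told the EVP_PKEY holds parameters it does not. Check it and release the object: `if (!EVP_PKEY_assign_DH(pkey, dh)) { DH_free(dh); return 0; }`. The same pattern appears in dsa_param_decode (crypto/dsa/dsa_ameth.c) and eckey_param_decode (crypto/ec/ec_ameth.c) in this commit, where `DSA_free` and `EC_KEY_free` would be the matching release calls. Because these decoders are reachable from PEM input, a short comment stating that they only parse the DER and do not validate the group (callers should still run a check such as `DH_check`) would help. In do_dhparam_print the `ctx` argument is unused and the `BIO_indent` results are not checked.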
@@ -88,7 +164,10 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth =
0,
0,
- 0,0,0,0,0,0,
+ dh_param_decode,
+ dh_param_encode,
+ 0,0,0,
+ dh_param_print,
int_dh_free,
0
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
index ea67fb71a0..4e4deb6d13 100644
--- a/crypto/dh/dh_err.c
+++ b/crypto/dh/dh_err.c
@@ -75,6 +75,7 @@ static ERR_STRING_DATA DH_str_functs[]=
{ERR_FUNC(DH_F_DHPARAMS_PRINT_FP), "DHparams_print_fp"},
{ERR_FUNC(DH_F_DH_BUILTIN_GENPARAMS), "DH_BUILTIN_GENPARAMS"},
{ERR_FUNC(DH_F_DH_NEW_METHOD), "DH_new_method"},
+{ERR_FUNC(DH_F_DH_PARAM_DECODE), "DH_PARAM_DECODE"},
{ERR_FUNC(DH_F_GENERATE_KEY), "GENERATE_KEY"},
{ERR_FUNC(DH_F_GENERATE_PARAMETERS), "GENERATE_PARAMETERS"},
{0,NULL}
@@ -83,8 +84,8 @@ static ERR_STRING_DATA DH_str_functs[]=
static ERR_STRING_DATA DH_str_reasons[]=
{
{ERR_REASON(DH_R_BAD_GENERATOR) ,"bad generator"},
-{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{ERR_REASON(DH_R_INVALID_PUBKEY) ,"invalid public key"},
+{ERR_REASON(DH_R_NO_PRIVATE_VALUE) ,"no private value"},
{0,NULL}
};
diff --git a/crypto/dh/dh_prn.c b/crypto/dh/dh_prn.c
index 04e7c55b7a..ae58c2ac87 100644
--- a/crypto/dh/dh_prn.c
+++ b/crypto/dh/dh_prn.c
@@ -78,47 +78,3 @@ int DHparams_print_fp(FILE *fp, const DH *x)
return(ret);
}
#endif
-
-int DHparams_print(BIO *bp, const DH *x)
- {
- unsigned char *m=NULL;
- int reason=ERR_R_BUF_LIB,ret=0;
- size_t buf_len=0, i;
-
- if (x->p)
- buf_len = (size_t)BN_num_bytes(x->p);
- else
- {
- reason = ERR_R_PASSED_NULL_PARAMETER;
- goto err;
- }
- if (x->g)
- if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
- buf_len = i;
- m=(unsigned char *)OPENSSL_malloc(buf_len+10);
- if (m == NULL)
- {
- reason=ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
- BN_num_bits(x->p)) <= 0)
- goto err;
- if (!ASN1_bn_print(bp,"prime:",x->p,m,4)) goto err;
- if (!ASN1_bn_print(bp,"generator:",x->g,m,4)) goto err;
- if (x->length != 0)
- {
- if (BIO_printf(bp," recommended-private-length: %d bits\n",
- (int)x->length) <= 0) goto err;
- }
- ret=1;
- if (0)
- {
-err:
- DHerr(DH_F_DHPARAMS_PRINT,reason);
- }
- if (m != NULL) OPENSSL_free(m);
- return(ret);
- }
-
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 5ee83e33ba..502b4896a3 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -260,6 +260,7 @@ void ERR_load_DSA_strings(void);
#define DSA_F_DSA_DO_SIGN 112
#define DSA_F_DSA_DO_VERIFY 113
#define DSA_F_DSA_NEW_METHOD 103
+#define DSA_F_DSA_PARAM_DECODE 119
#define DSA_F_DSA_PRINT 104
#define DSA_F_DSA_PRINT_FP 105
#define DSA_F_DSA_PRIV_DECODE 115
diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c
index 31982242e2..9d55665c4a 100644
--- a/crypto/dsa/dsa_ameth.c
+++ b/crypto/dsa/dsa_ameth.c
@@ -473,6 +473,23 @@ err:
return(ret);
}
+static int dsa_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+ {
+ DSA *dsa;
+ if (!(dsa = d2i_DSAparams(NULL, pder, derlen)))
+ {
+ DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_DSA(pkey, dsa);
+ return 1;
+ }
+
+static int dsa_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+ {
+ return i2d_DSAparams(pkey->pkey.dsa, pder);
+ }
static int dsa_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
@@ -560,7 +577,8 @@ const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[] =
int_dsa_size,
dsa_bits,
- 0,0,
+ dsa_param_decode,
+ dsa_param_encode,
dsa_missing_parameters,
dsa_copy_parameters,
dsa_cmp_parameters,
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index 920cabf282..492c8fa3d0 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -76,6 +76,7 @@ static ERR_STRING_DATA DSA_str_functs[]=
{ERR_FUNC(DSA_F_DSA_DO_SIGN), "DSA_do_sign"},
{ERR_FUNC(DSA_F_DSA_DO_VERIFY), "DSA_do_verify"},
{ERR_FUNC(DSA_F_DSA_NEW_METHOD), "DSA_new_method"},
+{ERR_FUNC(DSA_F_DSA_PARAM_DECODE), "DSA_PARAM_DECODE"},
{ERR_FUNC(DSA_F_DSA_PRINT), "DSA_print"},
{ERR_FUNC(DSA_F_DSA_PRINT_FP), "DSA_print_fp"},
{ERR_FUNC(DSA_F_DSA_PRIV_DECODE), "DSA_PRIV_DECODE"},
diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index a5ec63071a..b937f6419a 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -919,6 +919,7 @@ void ERR_load_EC_strings(void);
#define EC_F_D2I_ECPKPARAMETERS 145
#define EC_F_D2I_ECPRIVATEKEY 146
#define EC_F_ECKEY_PARAM2TYPE 211
+#define EC_F_ECKEY_PARAM_DECODE 196
#define EC_F_ECKEY_PRIV_DECODE 212
#define EC_F_ECKEY_PRIV_ENCODE 213
#define EC_F_ECKEY_PUB_DECODE 214
diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c
index 2fee623bad..18c4265cfc 100644
--- a/crypto/ec/ec_ameth.c
+++ b/crypto/ec/ec_ameth.c
@@ -515,6 +515,24 @@ err:
return(ret);
}
+static int eckey_param_decode(EVP_PKEY *pkey,
+ const unsigned char **pder, int derlen)
+ {
+ EC_KEY *eckey;
+ if (!(eckey = d2i_ECParameters(NULL, pder, derlen)))
+ {
+ ECerr(EC_F_ECKEY_PARAM_DECODE, ERR_R_EC_LIB);
+ return 0;
+ }
+ EVP_PKEY_assign_EC_KEY(pkey, eckey);
+ return 1;
+ }
+
+static int eckey_param_encode(const EVP_PKEY *pkey, unsigned char **pder)
+ {
+ return i2d_ECParameters(pkey->pkey.ec, pder);
+ }
+
static int eckey_param_print(BIO *bp, const EVP_PKEY *pkey, int indent,
ASN1_PCTX *ctx)
{
@@ -572,7 +590,8 @@ EVP_PKEY_ASN1_METHOD eckey_asn1_meth =
int_ec_size,
ec_bits,
- 0,0,
+ eckey_param_decode,
+ eckey_param_encode,
ec_missing_parameters,
ec_copy_parameters,
ec_cmp_parameters,
diff --git a/crypto/ec/ec_err.c b/crypto/ec/ec_err.c
index 18a300d753..78dbf486c1 100644
--- a/crypto/ec/ec_err.c
+++ b/crypto/ec/ec_err.c
@@ -74,6 +74,13 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_D2I_ECPARAMETERS), "d2i_ECParameters"},
{ERR_FUNC(EC_F_D2I_ECPKPARAMETERS), "d2i_ECPKParameters"},
{ERR_FUNC(EC_F_D2I_ECPRIVATEKEY), "d2i_ECPrivateKey"},
+{ERR_FUNC(EC_F_ECKEY_PARAM2TYPE), "ECKEY_PARAM2TYPE"},
+{ERR_FUNC(EC_F_ECKEY_PARAM_DECODE), "ECKEY_PARAM_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_DECODE), "ECKEY_PRIV_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PRIV_ENCODE), "ECKEY_PRIV_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_DECODE), "ECKEY_PUB_DECODE"},
+{ERR_FUNC(EC_F_ECKEY_PUB_ENCODE), "ECKEY_PUB_ENCODE"},
+{ERR_FUNC(EC_F_ECKEY_TYPE2PARAM), "ECKEY_TYPE2PARAM"},
{ERR_FUNC(EC_F_ECPARAMETERS_PRINT), "ECParameters_print"},
{ERR_FUNC(EC_F_ECPARAMETERS_PRINT_FP), "ECParameters_print_fp"},
{ERR_FUNC(EC_F_ECPKPARAMETERS_PRINT), "ECPKParameters_print"},
@@ -88,6 +95,7 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_EC_ASN1_GROUP2PKPARAMETERS), "EC_ASN1_GROUP2PKPARAMETERS"},
{ERR_FUNC(EC_F_EC_ASN1_PARAMETERS2GROUP), "EC_ASN1_PARAMETERS2GROUP"},
{ERR_FUNC(EC_F_EC_ASN1_PKPARAMETERS2GROUP), "EC_ASN1_PKPARAMETERS2GROUP"},
+{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
{ERR_FUNC(EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY), "EC_GF2M_MONTGOMERY_POINT_MULTIPLY"},
{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT), "ec_GF2m_simple_group_check_discriminant"},
{ERR_FUNC(EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE), "ec_GF2m_simple_group_set_curve"},
@@ -137,7 +145,7 @@ static ERR_STRING_DATA EC_str_functs[]=
{ERR_FUNC(EC_F_EC_GROUP_PRECOMPUTE_MULT), "EC_GROUP_precompute_mult"},
{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GF2M), "EC_GROUP_set_curve_GF2m"},
{ERR_FUNC(EC_F_EC_GROUP_SET_CURVE_GFP), "EC_GROUP_set_curve_GFp"},
-{ERR_FUNC(EC_F_EC_EX_DATA_SET_DATA), "EC_EX_DATA_set_data"},
+{ERR_FUNC(EC_F_EC_GROUP_SET_EXTRA_DATA), "EC_GROUP_SET_EXTRA_DATA"},
{ERR_FUNC(EC_F_EC_GROUP_SET_GENERATOR), "EC_GROUP_set_generator"},
{ERR_FUNC(EC_F_EC_KEY_CHECK_KEY), "EC_KEY_check_key"},
{ERR_FUNC(EC_F_EC_KEY_COPY), "EC_KEY_copy"},
@@ -185,6 +193,7 @@ static ERR_STRING_DATA EC_str_reasons[]=
{ERR_REASON(EC_R_ASN1_UNKNOWN_FIELD) ,"asn1 unknown field"},
{ERR_REASON(EC_R_BUFFER_TOO_SMALL) ,"buffer too small"},
{ERR_REASON(EC_R_D2I_ECPKPARAMETERS_FAILURE),"d2i ecpkparameters failure"},
+{ERR_REASON(EC_R_DECODE_ERROR) ,"decode error"},
{ERR_REASON(EC_R_DISCRIMINANT_IS_ZERO) ,"discriminant is zero"},
{ERR_REASON(EC_R_EC_GROUP_NEW_BY_NAME_FAILURE),"ec group new by name failure"},
{ERR_REASON(EC_R_GROUP2PKPARAMETERS_FAILURE),"group2pkparameters failure"},
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
index b273007c0e..e4c91adf58 100644
--- a/crypto/pem/pem.h
+++ b/crypto/pem/pem.h
@@ -673,6 +673,9 @@ EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, vo
int PEM_write_PKCS8PrivateKey(FILE *fp,EVP_PKEY *x,const EVP_CIPHER *enc,
char *kstr,int klen, pem_password_cb *cd, void *u);
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x);
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x);
+
#endif /* SSLEAY_MACROS */
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 22793fada0..9631ee2d5d 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -204,6 +204,20 @@ static int check_pem(const char *nm, const char *name)
return 0;
}
+ if(!strcmp(name,PEM_STRING_PARAMETERS))
+ {
+ int slen;
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ slen = pem_check_suffix(nm, "PARAMETERS");
+ if (slen > 0)
+ {
+ ameth = EVP_PKEY_asn1_find_str(nm, slen);
+ if (ameth && ameth->param_decode)
+ return 1;
+ }
+ return 0;
+ }
+
/* Permit older strings */
if(!strcmp(nm,PEM_STRING_X509_OLD) &&
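Review bot: The new branch compares `name` against `PEM_STRING_PARAMETERS` but then passes the literal `"PARAMETERS"` to pem_check_suffix, so the two can drift apart if the macro ever changes. Using `slen = pem_check_suffix(nm, PEM_STRING_PARAMETERS);` keeps them tied together, assuming the macro is the bare suffix, which this hunk does not show. A one-line comment would also help the next reader: `/* nm is the label read from the PEM header; accept it only if it names an algorithm that has a parameter decoder */`. check_pem starts before this hunk and continues past it.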
diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index b9067e0745..7747a057f4 100644
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -149,7 +149,7 @@ int PEM_write_bio_PrivateKey(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
pem_str,bp,(char *)x,enc,kstr,klen,cb,u);
}
-EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
+EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x)
{
char *nm=NULL;
const unsigned char *p=NULL;
@@ -159,7 +159,7 @@ EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, vo
EVP_PKEY *ret=NULL;
if (!PEM_bytes_read_bio(&data, &len, &nm, PEM_STRING_PARAMETERS,
- bp, cb, u))
+ bp, 0, NULL))
return NULL;
p = data;
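Review bot: The password-callback slot is now filled with `0` while the user-data slot gets `NULL`; both are pointers, so `bp, NULL, NULL))` reads more consistently. A comment such as `/* parameters are never encrypted, so no password callback is passed */` would record why cb/u were dropped; that rationale is inferred from the signature change and is not stated in the hunk. PEM_read_bio_Parameters starts in the previous hunk and continues past this one.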
@@ -192,7 +192,7 @@ err:
return(ret);
}
-int PEM_write_bio_Paramters(BIO *bp, EVP_PKEY *x)
+int PEM_write_bio_Parameters(BIO *bp, EVP_PKEY *x)
{
char pem_str[80];
if (!x->ameth || !x->ameth->param_encode)